If your cloud-based server is unhardened or weakly configured, your business is vulnerable, and you’re leaving yourself open to loss of reputation. The news has been full of data breaches due to leaky S3 buckets.
Whether it is AWS, Azure or any other cloud provider, there is a huge range of services relating to computing and storage, content delivery, network and security management. Majority of the times, the use of cloud services is internal to the organization or as a service to its customers.
A configuration review is authenticated and checks for security baselines, identifying risks in your network from both internal sources and external threat actors. Reviews are usually carried out on new deployments before the production release, or during infrastructure revisions.
The underlying cloud provider's environment is always out of our remit: what a cloud tenant needs is to make sure that their platform configuration, application code or any assets deployed within this environment are free from security risks. Defendza’s review system ensures this. For instance, top issues around AWS checks include:
This area involves checks around network security controls such as ingress, egress rulesets, flow logging, traffic restrictions, and least access privileges.
The monitoring phase is one of the critical tasks responsible for alerting relevant contacts during an incident. This involves reliance on the logging and related configuration parameters to ensure right metric filters are in place. These reviews include checks for real-time monitoring configuration, alarms for any changes made to access control lists, security policy/groups, routing tables, and related parameters.
All major cloud service providers offer web services that record API calls for tenant account. This information contains various parameters such as API source, calls details, requests/response elements. This phase includes a review of API calls for an account, log file validation, encryption at rest, access checks if logs are restricted from public view and access logging, configuration management and monitoring options.
This phase involves reviewing identity and access management related controls. Generally, these include checks on the use of higher privilege accounts, use of MFA, password policy, IAM policies, access keys and credentials usage policies.
Cyber security is a business enabler. We make sure we understand your business and its needs so that we can help you grow your business in the certain knowledge that it’s protected.
Apart from the range of commercial and open source tools available for specific testing, our team has its own custom scripts for efficient testing. We provide accurate results to make sure our clients completely understand any vulnerabilities we report.
Our teams are led by veteran security consultants accredited by CREST standards for the last several years. Our experience shows that our clients are best served by giving them the right advice for their cyber security needs. We do not believe in spreading fear, uncertainty and doubt to generate more business.
Much of the manufacturing industry has failed to take proactive steps to defend against cyber attacks—which is a notable problem considering the growing threats the industry faces
